Hi Sean, Am 08.07.22 um 11:24 schrieb Sean Carte:
Ah, but wait, I remembered the chain of events that led to me installing the cert, whose chain is broken:The F5 firewall seems to provide certification through its wildcard certificate. So if you visit our current DSpace-CRIS 5 repository at https://openscholar.dut.ac.za/ <https://openscholar.dut.ac.za/> and check the connection security for that site, you will see that it is verified by Sectigo Ltd. However, on that server, I'm using a self-signed certificate. (It used to be LetsEncrypt before the F5.)
[…]I'm not sure if I can follow you…we only have IP-based FWs, the encryption is done always on the host. You have a self-signed cert and the F5 decrypts inside - like a browser / proxy- and encrypts again with another cert to outside ?
Michael -- All messages to this mailing list should adhere to the Code of Conduct: https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx--- You received this message because you are subscribed to the Google Groups "DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dspace-tech+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/dspace-tech/550e7ada-9d67-00bd-8eb7-0b24fb0dc867%40bibliothek.uni-kassel.de.
smime.p7s
Description: S/MIME Cryptographic Signature
